Get Secure.

Simple steps to help you be secure online

Enroll In Two-Factor Authentication (2FA)

Two-factor authentication (2FA) is the single most important thing you can do to protect against stolen passwords, phishing scams, and other attempts to take over your online accounts and steal your data.

How 2FA Works

After you enroll in 2FA, you will use your CNetID credentials to log in to 2FA-protected University systems, but then you will use another device, usually a smartphone, to provide secondary confirmation of your identity.

For more information about 2FA, please see the Two-Factor Authentication FAQ.

Enroll In 2FA

You can sign up for the University’s 2FA online. Read the Two-Factor Authentication (2FA) Overview article to learn more, or go directly to the Two-Factor Authentication website and click Go to Two-Factor to enroll.

Additional Resources

Keep Your Software Up To Date

It can be tempting to ignore software update notifications when they pop up on your screen, especially when your computer seems to be working fine. Nevertheless, it is very important that you not ignore or forget to approve updates.

What Software Updates Do

Developers continually improve operating systems and software products to enhance security, design, and user features. They send these upgrades to their user communities in the form of quick one-time installation packages. Very often these updates are important bug fixes or security patches to address potential vulnerabilities, malware, and more. When you promptly accept updates to your operating systems and apps, you make yourself less vulnerable to attack.

Stay Current and Use Automatic Updates

Many threats work by exploiting known vulnerabilities for which security patches are available. Computers missing the latest updates are susceptible to these types of threats. Be sure to accept patches and updates from trusted sources as they become available to best protect your data and equipment.

Though it is possible, and in some cases necessary, to manually check for updates and patches, signing up for automatic updates and notifications is a more reliable and consistent way to stay up to date.

Download Software from Trusted Sources

UChicago IT Services offers free software downloads for students, faculty, and staff for a variety of trusted security, antivirus, backup, and productivity tools to help you keep up to date. Consult our Knowledge Base articles about software licensing to learn how to acquire these products.

If you are ever not sure whether a software product or security patch is from a trusted source, check with your local IT service desk or call (773) 702-5800 (extension 2-5800 on campus).

Identify and Avoid Phishing

The goal of a phishing scam is to steal personal data like credit card numbers, passwords, Social Security numbers, and other information. These fraudulent emails appear to come from organizations you know and trust, like your bank, credit card company, or school. They often include authentic-looking logos and links. Phishing emails will ask you to provide your bank account information, Social Security number, or other personal information. If you think you’ve received a phishing email, do not respond to it. University administrators and IT Services personnel will never request your CNetID username or password by email. This is also the policy of most government agencies and financial institutions.

To see the latest phishing reports, check the Latest Phishing Scams blog feed. If you would like to learn more about phishing, see our Phishing page.

Be suspicious of any email with urgent requests for personal information.

Phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately. They typically ask for information such as your username, password, credit card numbers, social security number, or date of birth. Phishing emails will are usually worded generically, although occasionally phishers will go to the trouble to personalize them to make them seem more credible. If you receive an email requesting any kind of personal information, verify the source of the request by calling the person or organization in the From field before you respond or open any attachments.

Never share passwords, personal information, or financial information over email.

You should only provide private information such as credit card numbers or account information using a secure website or telephone. Email is not a secure way to send sensitive information. Never email your password, personal information, or financial information. Likewise, because there is no way to check the security certificate of pop-up windows, do not use them to provide sensitive information even though they may look official or claim to be secure. Close pop-up windows by clicking the X in the top right corner. Do not click a Cancel button on a pop-up; it may be a trap!

Don’t trust offers that seem too good to be true.

What looks too good to be true probably is too good to be true. If you don’t remember a relative, you probably don’t stand to inherit millions of dollars from him or her. If you don’t remember entering a lottery, you probably haven’t won anything. Exercise common sense before responding.

Do not click links in email messages if you suspect the message might not be authentic or if you don’t know the sender.

Always verify the real target address of a link by hovering the mouse over the link before clicking it, or type the link in the browser window yourself.

Be Smart About Public Wi-Fi

Be Smart About Public Wi-Fi

Public wi-fi networks, such as those provided by cafés, restaurants, and hotels, are undoubtedly convenient and valuable services. But are you risking your privacy and security by using them?

If your computer is connected to the internet, you are vulnerable to hackers. Attackers may crash your system, hijack your system to spawn new attacks, steal passwords and credit card information, get access to personal or work-related confidential data.

Be smart about using wi-fi networks, whether you’re traveling or in your own neighborhood.

  • Turn off wi-fi when working offline
  • Use appropriate network connection settings
  • Use a virtual private network (VPN) to encrypt your communication
  • Turn off automatic sharing
  • Enable system firewalls

For further information about using public wi-fi safely, please go to our Wi-Fi Security page.

Back Up Your Data

In addition to protecting yourself against such security threats as malware and phishing scams, it is also important to safeguard your data by making electronic copies of important files and saving them in a secure location. Computer malfunctions, theft, viruses, and accidental deletion are just some of the ways you can lose academic work, photos, financial records, and other valuable information.

Make Backup Copies

The first thing you need to do is make copies of your files. Many computers offer a backup software program that can copy all the files and programs on your computer.

Store Your Backups

After you make copies, you need to make sure to store them safely. Ideally, you should back up your files and data in more than one place. Here are some options:

  • Hardware Backup Storage: While you can use CDs, DVDs, and flash drives for storing a small volume of information, such as photos and songs, external hard drives can hold far more data, and can plug directly into your computer for faster copying. Make sure to store your devices in a safe place and consider keeping an additional backup of important files at a separate physical location in case of fire or theft.
  • Online Backup Storage: You can also back up your files to a secure server over the Internet. UChicago faculty and staff can use Tivoli Storage Manager to back up their files.

Secure Your Devices

Enable Mobile Password Protection

Smartphones and tablets are easy targets for data and identity thieves. Keep your mobile devices protected by always enabling home screen passwords and locks. These passwords protect information stored on your devices in case they are misplaced or stolen.

Find out more about enabling password protection on your mobile devices:

Encrypting your desktop, laptop, and mobile devices is the best protection for your personal information and UChicago data should the device ever be lost or stolen.

Enhance Your Privacy and Security With Encryption

Encrypting your desktop, laptop, and mobile devices is the best protection for your personal information and UChicago data should the device ever be lost or stolen.

While password protection and enhanced authentication protect your devices and user accounts from intrusion, encryption adds another layer of security for data in your files, folders, hard drives, or removable storage devices such as USB flash drives. Encryption converts information into a scrambled form that requires you to use a private key in order to unscramble and read it. This information is not readable to users or computers that do not possess this key.

Locate or Wipe Missing Devices

If your device is ever stolen or lost, you can take measures to protect any information that may be at risk. If you have location services turned on, you can locate your device or remotely wipe all information by using either Find my iPhone or Android Device Manager.

Find out more about these applications:

Additional Tips for Mobile Security

  • Do not store sensitive, unprotected information on your mobile devices.
  • Only download apps from trusted sources.
  • Keep your devices’ operating systems up to date.
  • Back up your devices regularly.
  • Only connect to trusted Wi-Fi networks.
  • Be cautious of links in text messages from unknown or suspicious senders.
  • Wipe all data from your devices of before you sell them.

Protect Yourself While Traveling

Staying secure while traveling, especially while traveling internationally, exposes you to some special data security risks. Before you travel, please review the following recommendations in order to avoid inconvenient or unpleasant incidents. These recommendations are especially intended to assist international travelers, but it is a good idea to be familiar with many of them even if you are only traveling within the United States.

Before you leave…

  • Decide what devices and data you really need for your trip, and leave the rest at home. Contact the University Research Administration’s Export Controls experts to be sure your arrangements comply with relevant laws and regulations.
  • Check travel conditions and travel warnings with the U.S. State Department travel website. Talk to your host to make sure you understand local laws and data security risks.
  • Update your software, passwords, and device security features. Consider using a loaner device when traveling to certain regions.
  • Let UChicago Traveler, your banks, and your credit card companies know your plans so you can more easily get help in case of a problem.

While you are away…

  • Do not take privacy for granted, whether you are dealing with local government authorities or private citizens.
  • Follow smart security practices to secure your online activity and your physical devices at all times.
  • Use the UChicago VPN connection as much as possible. Use caution when connecting to public wi-fi.

After You Return Home…

  • Return any loaner devices.
  • Have your devices, thumb drives, and any other removable media scanned for malicious software. Do not connect any devices or media to a network until they are tested!
  • If you discover any malware infection, reformat and rebuild with help from your local IT support desk, and restore your data from backups.
  • Inform your bank and credit card companies of your return. Be sure to review all of your financial transactions for suspicious activity.

Get Help

Help Request Portal

You can report issues, get technical support, or consult or IT Knowledge Base at the Service Now Portal.

IT Service Desk

Report a security incident and learn more about security topics at the ITS Security website, or call 2-CERT or (773) 702-2378.

You can also learn more by completing our security training, hosted in Canvas (coming soon!).

IT Services Security

For in-person support, visit TechBar, located on the first floor of the Regenstein Library. Consultants at TechBar can provide support for software installations, virus detection and prevention, wireless connectivity, and more. Learn more about TechBar or call 2-5800 or 773.702.5800 for 24/7 assistance (except on official University holidays).

Other Campus IT Support

Find contact information for your division or departmental IT support in the contact list for local IT support units on campus.

Additional Resources

Copyright and Media At The University of Chicago

Intellectual property laws and guidelines can be complex and difficult to navigate. For information on copyright awareness at UChicago, visit the Copyright Information Page.

Stay Safe Online

Learn how to protect yourself and your devices with tips and resources from the National Cyber Security Alliance.

Security Training (coming soon!)

Boost your knowledge by completing our security training.

ITS Security Website

Find more information about UChicago ITS Security at our website.